Available Technologies

A Systematic Approach to Minimizing Packet Classifiers in TCAMs

Case ID:
TEC2009-0003

Web Published:
2/25/2011

Introduction

Packet classification enables many networking services on the Internet, such as firewall packet filtering and traffic accounting. Using Ternary Content Addressable Memory (TCAM) chips to perform high-speed packet classification has become the de facto standard in industry. TCAM chips classify packets by comparing a packet with the full suite of classification rules in ternary encoding, the comparison being done in parallel.

Unfortunately, TCAMs have limitations of relatively small capacity, high power consumption & heat generation, and high cost. The well-known, range-expansion problem exacerbates these limitations by significantly decreasing the limited capacity of TCAMs as each classifier rule typically has to be converted into multiple TCAM rules.

Traditional packet classification looks at five fields: source and destination IP addresses, source and destination port numbers, and protocol type. New Internet services and new security threats are leading to more complex rule sets. Along with the increasing adoption of IPv6, the size and width growth of packet classifiers puts more demand on TCAM capacity.

Description of Technology

Michigan State University has developed a suite of algorithms to enable the optimal use of TCAM chips. This algorithm takes a given packet classifier as an input and then outputs a semantically equivalent packet classifier that requires a minimized number of TCAM entries. TCAM Razor uses decision diagrams and dynamic programming to minimize the required chip size, thus decreasing the total cost and power requirements for TCAM chips.